The present disclosure relates to identifying reputation and/or trust information for software run in a computing system, such as software applications that run in a cross-platform runtime environment of a computing platform.
Many approaches to managing software that is run in computing systems have been developed, and in particular, various approaches have been taken to help prevent malicious software from being installed or run on a computer. For example, WINDOWS® based computer platforms often enable the use of certificates to sign software applications to be installed on the computer. Such certificates can be checked at install time, and various notifications regarding the software application can be provided to the user, based on the certificate, at the time of installation, to help the user in determining whether or not to proceed with the installation. In addition, such certificates can be revoked.
Furthermore, when a software program (such as a plug-in to a Web browser) is downloaded from the Internet, the software program is typically signed by a certificate. In such a case, the Web browser provides information from the digital certificate (e.g., the name of the application and the identity of the entity that signed the application using the certificate) along with a notice regarding the risks of trusting the information and the program, in order to help the user in safeguarding their computer from potentially malicious programs. For example, if the digital certificate is a self-signed certificate, the Web browser will notify the user of the increased risk of installing such software, as opposed to software that has been signed by a certificate that is co-signed by a recognized certificate authority.
Moreover, various commercially available software products provide anti-spyware and anti-virus features designed to maintain computer security. These software products typically scan files (e.g., executable files) for known bit patterns to identify viruses, Trojan horses, worms, etc. The scanning is typically performed periodically for software and data stored on a computer, and for network communications at the time of sending or receiving. Such programs can also be set up to automatically scan software at the point of installation. Moreover, such programs have also included functionality to verify trusted Web sites and block fake Web sites.
Checking for fake Web sites has also been implemented in at least one Web browser. Internet Explorer (provided by Microsoft Corporation of Redmond, Wash.) includes an option to turn on a phishing filter service. When a user opts in to this service, every time the user clicks on a link to a Web page, the browser, in parallel with requesting the resources at the link, sends the URL (Uniform Resource Locator) to a phishing filter Web site where a list of malicious URLs is maintained. If the selected URL appears on this list, a message is sent back to the browser, and an appropriate action is taken by the browser, such as warning the user and asking for confirmation to proceed to the URL, or outright blocking of that URL.